package cn.tedu.knows.auth.security;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

import javax.swing.*;

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends
        WebSecurityConfigurerAdapter {
    /*设置全部放行,因为这些权限的管理是在Session中设置的
     * 我们设置的令牌不需要这些内容
     * */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()  //防跨域攻击
                .authorizeRequests() //访问权限设置
                .anyRequest().permitAll()   //全部放行
                .and().formLogin(); //支持表单登录
    }

    //生成的令牌是需要加密的
    //我们将一个加密对象保存到Spring Security 中
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }


    /*Spring Cloud Security 登录需要权限管理器
    而这个管理器在本类的父类中
    如果要使用需要保存到Spring中*/


    @Bean
    public AuthenticationManager authenticationManagerBean()
            throws Exception {
        return super.authenticationManagerBean();
    }
}
